Commit Graph

402 Commits

Author SHA1 Message Date
Tad
25cc717ec2 Use GrapheneOS' hardened memory allocator
+ 16.0: some other misc hardening patches from GrapheneOS
  - always restrict access to Build.SERIAL
  - don't grant location permission to system browsers
  - fbe: pad filenames more
+ 16.0: Contacts: remove Privacy Policy and Terms of Service links
2019-04-04 01:07:58 -04:00
Tad
60cf364f19 Minor tweaks
- init.sh: sort options
- overlay: leave radioScanningTimeout default
- hardenDefconfig: disable more components with CVEs
- cherry picks
- 16.0: trebuchet: tmp fix for default workspace overlay
2019-04-03 19:04:37 -04:00
Tad
1c49b80da0 Minor tweaks
- CVE patchers were updated with no change
- hardenDefconfig: disable MSM_SMP2P_TEST to mitigate CVE-2019-2247
- 14.1 add a cherry pick
2019-04-01 18:57:04 -04:00
Tad
dd7e4c3faf Remove more blobs 2019-03-22 05:28:57 -04:00
Tad
e344b17a36 Build fixes + new blob blocker 2019-03-22 04:20:06 -04:00
Tad
23f8759937 Remove some unneeded packages 2019-03-12 20:40:31 -04:00
Tad
cfe766be09 Tweaks 2019-03-11 18:19:50 -04:00
Tad
b1455b641d Update CVE patchers 2019-03-08 15:15:46 -05:00
Tad
5607db2e0b Update CVE patchers
- More aggressively attempt to apply incremental patches by
  ignoring the current subversion, as it is common for it to be 0
  Hopefully I won't have to revert this
2019-03-04 21:41:55 -05:00
Tad
9e897989d1 Update CVE patchers 2019-03-04 20:18:29 -05:00
Tad
f5d99c938b 16.0: More bringup 2019-03-04 05:53:51 -05:00
Tad
afe719ffc4 16.0: Initial bringup
- 14.1/15.1: Remove @ValdikSS' bluetooth patches
- 15.1: Cleanup
2019-03-04 02:45:54 -05:00
Tad
83478880ef WireGuard kernel module inclusion support 2019-03-04 00:06:22 -05:00
Tad
bc63feedc9 Update CVE patchers 2019-02-21 06:25:47 -05:00
Tad
fccc124868 tuna fixes + fdroid priv changes 2019-02-14 04:36:50 -05:00
Tad
b9ff7a74e6 Updates and fixes 2019-02-12 16:09:41 -05:00
Tad
ffabfb3616 14.1: fix maguro denials 2019-02-09 14:47:55 -05:00
Tad
9178760d1a Updater: Fix downloads over Tor
+ Update TODO
+ Minor tweaks
2019-02-08 20:58:15 -05:00
Tad
aa9b5499e6 Updates 2019-02-07 11:15:29 -05:00
Tad
15237becbb Update CVE patchers 2019-02-04 16:03:59 -05:00
Tad
378971497c 14.1: Support unified tuna 2019-02-01 02:53:13 -05:00
Tad
0ea1d37f0c Minor changes
- Update cherrypicks
- Update submodules
- Add some comments
2019-01-28 21:54:45 -05:00
Tad
ec3ffa38f2 Fixup CVE patchers 2019-01-07 19:42:25 -05:00
Tad
d8aac4c07b Update CVE patchers 2019-01-07 17:07:00 -05:00
Tad
c27f226269 Properly fix network mode patch 2018-12-29 12:19:27 -05:00
Tad
66a38a4705 Fixup network modes patch on 14.1 2018-12-28 14:53:23 -05:00
Tad
0df749ef73 Add more preferred network modes such as LTE Only, LTE/3G only, and 3G only 2018-12-28 08:02:24 -05:00
Tad
c07027dd97 Many changes
- Update CVE patchers
- Update submodules
- Update defconfig enablers
- Update DNS IP addresses
- + Misc changes
2018-12-24 23:29:56 -05:00
Tad
6c4eadcdc7 Manifest cleanup + always remove latemount from /cache
formatting/erasing /cache will result in selinux contexts being lost
these are normally restored by system/core/rootdir/init.rc in post-fs
but latemount causes /cache to not be mounted beforehand
preventing it from ever being fixed
result is broken ota and recovery updates
2018-12-20 17:22:34 -05:00
Tad
c5d2f25797 11.0: nex: switch to -user + add disabled overclock 2018-12-19 02:15:15 -05:00
Tad
a652eb1e23 11.0: Remove the rest of CMStats
Hmm, I don't remember Dialer having stats.
Goddamn spyware.
2018-12-18 23:39:29 -05:00
Tad
bae3092539 11.0: Remove CMStats 2018-12-18 22:08:57 -05:00
Tad
875d6505af F-Droid changes
- Drop Briar repo, its in main repos now and seems to keep in sync
- Switch to official builds of PrivExt
2018-12-18 21:37:35 -05:00
Tad
715cb32468 11.0: Cherrypick ASB topics 2018-12-18 21:36:02 -05:00
Tad
314701f0e8 11.0: Drop grouper + more work 2018-12-18 21:36:01 -05:00
Tad
28b0e915f5 11.0: More restoration work 2018-12-18 21:35:41 -05:00
Tad
01be578137 11.0: Initial restore
I think this is like the 6th time I've done this.
I always remove it, wait a few months, pull out a device that I want to run it on
and then spend hours restoring and bringing it back. I always think to myself
do I really need to toy with this device? No, I don't, but I do it anyway. :)
2018-12-18 21:35:14 -05:00
Tad
c6206ccd7e Minor updates 2018-12-17 17:59:12 -05:00
Tad
982462aa00 Update CVE patchers 2018-12-04 17:21:39 -05:00
Tad
6ea39e0a0f Updates 2018-11-13 17:33:49 -05:00
Tad
5be6227a8b Minor updates + Update CVE patchers 2018-11-06 21:09:35 -05:00
Tad
34be4797ea Switch to official F-Droid 2018-10-20 16:26:42 -04:00
Tad
95959a0d89 Many changes
- Add back microG support (not enabled)
- Add choice between DNS66 and Blokada when $DOS_HOSTS_BLOCKING=false
2018-10-19 18:28:18 -04:00
Tad
5696da8d0c Many changes
- 15.1: Update some CVE patchers
- 15.1: Address some mako denials
- 14.1: Add cherrypicks for various security patches
- Common: Prepare for F-Droid additional repos
- Common: Disable overclock for mako
- Misc tweaks
2018-10-19 09:55:08 -04:00
Tad
586f967667 Minor updates 2018-10-14 20:21:06 -04:00
Tad
136bb520aa Update CVE patchers 2018-10-01 22:45:00 -04:00
Tad
776be6f992 Backport Updater Tor support patch to 14.1 2018-09-24 06:46:54 -04:00
Tad
08c65c8334 Patches to add captive portal check toggle from @MSe1969 2018-09-22 21:05:41 -04:00
Tad
b50352bc8e Updater: Add initial Tor support 2018-09-20 21:45:58 -04:00
Tad
51fd815236 Update CVE patchers 2018-09-13 21:53:30 -04:00